From d8272421760fd310f1f2e237f5c5d48952d3a4ef Mon Sep 17 00:00:00 2001 From: rsiddharth Date: Wed, 24 Feb 2021 18:20:55 -0500 Subject: challenge: ch17.go: don't use lib.OracleKey and lib.OracleIV --- challenge/c17.go | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'challenge') diff --git a/challenge/c17.go b/challenge/c17.go index 45c53bd..78c949c 100644 --- a/challenge/c17.go +++ b/challenge/c17.go @@ -11,6 +11,10 @@ import ( // Cryptopals #17 - CBC padding oracle attack func C17() { + key, err := lib.RandomKey(16) + if err != nil { + fmt.Printf("key generation: error: %v\n", err) + } cookies := []string{ "MDAwMDAwTm93IHRoYXQgdGhlIHBhcnR5IGlzIGp1bXBpbmc=", "MDAwMDAxV2l0aCB0aGUgYmFzcyBraWNrZWQgaW4gYW5kIHRoZSBWZWdhJ3MgYXJlIHB1bXBpbic=", @@ -26,14 +30,17 @@ func C17() { encrypt := func() ([]byte, []byte) { r := lib.RandomInt(0, int64(len(cookies)-1)) p := lib.Base64ToBytes(cookies[r]) - k := lib.OracleKey - iv := lib.OracleIV + k := key + iv, err := lib.RandomKey(16) + if err != nil { + fmt.Printf("iv generation: error: %v\n", err) + } c := lib.AESEncryptCBC(p, k, iv) return c, iv } decrypt := func(c, iv []byte) bool { - k := lib.OracleKey + k := key _, err := lib.AESDecryptCBC(c, k, iv) if err != nil { return false -- cgit v1.2.3